What Should I Do If My Business Is Hacked?

Contrary to popular belief, businesses of any size can be at risk of hacking at any time. The threat of cybercriminals attempting to hack businesses is constant. And it is not uncommon for cybercriminals to steal sensitive information. Stolen funds or cause disruption to your operations. You should be taking steps to ensure your company’s data is well protected at all times. 61% of all data breaches 2017 occurred in businesses with fewer than 1,000 employees. And cybercrime is rising every year in the UK.

This shows us why your company’s protection should be a top priority. It’s vital to note that no matter how good your cybersecurity is, nothing is completely bulletproof. Cybercriminals or “hackers” know how to surpass many cybersecurity solutions. And it could be the difference between your data being safe or stolen. Cyber threats can be hard to notice and may even be well-masked. For example, an email is perfectly designed to grab the attention and pique the interest of your employees. Likely, you have already done everything possible to reduce your cybersecurity breach risk. But this does not mean the chances of you getting hacked are 0. The following guide outlines how to react quickly should you find yourself in a dilemma…

1. Recognise there is a problem, keep calm and take action.

Cyber breaches are much more common than most businesses know. The longer a hack is ignored, the larger the chances of more damage. If you or someone within your company identifies that something isn’t right, you must take action. Working fast to resolve flaws may help to mitigate the risk. It is vital to note that, no matter how severe, a cyber breach does not mean the end of your business. Dealing with a cyber breach effectively and on time ensures your reputation stays intact. And you don’t spend your precious time and money attempting to rectify the situation.

Although some damage may have been done, the key is reducing its negative impact on your business. Depending on the extent of the breach and the person performing it, the hacking may be obvious. But there are also more subtle indicators that could suggest you have had a minor breach. Or are in the process of being hacked. A specialised IT expert would be able to identify more subtle hacker activity. They are familiar with the common indicators and know what they’re looking for. However, everyone should be vigilant and cautious. Look out if you come across something that seems out of the ordinary, such as:

  • Reports from colleagues or contacts saying they’ve received some odd emails from you containing links or attached files.
  • Not being able to access certain files on your computer or while connected to the company network.
  • Random notifications of login attempts to your accounts from when you were not using them. Or log in locations that you haven’t been to.
  • Changes to sensitive data in your systems, such as changes to financial systems and payment details.
  • Frequent browser or system pop-ups.
  • The redirection of internet searches when you have typed in an address that you know is correct/have been to before.

If you suspect that you have been hacked for the reasons above or any other reason, the best thing to do is take action quickly. Get the assistance of an IT specialist to help protect you from any further damage. The quicker you act, the more likely you can prevent any damage. If your company has an internal IT team or an IT support partner, inform them immediately.

Reporting the situation as quickly as possible is the first step you should take. Ensuring to include as much detail as possible about your experience. If you need access to an IT specialist or an internal team, you will need to find someone to assist you who has the skills and expertise necessary for the job. This is usually known as “cyberattack remediation”. A quick Google search should bring up specialists within your area who will be able to help as soon as possible. No matter the size of your company, an IT partner in place before a cyber breach happens will save you time and money.

2. Analyse the extent of the breach and remediate.

Once you have recruited an IT professional, they’ll begin scanning for the compromised elements of your network. And they will be able to grasp the scale of the hacking. They may have to lock the system down to prevent a further breach. The best thing to do is to stay calm. This could be a small attack that has only compromised one single device or could have spread through to the network. In recent years, one particular attack has become a lot more common and is known as ‘ransomware’.

This is when software encrypts files on a PC, laptop, server or any data storage device it can access. Ransomware is usually used to effectively scramble the data. And it prevents an end-user from accessing it. This means that you would be unable to access your compromised network. And the hacker may have access to all of your files and sensitive information stored on your devices.

You could only access it with a very complex key, allowing you to unlock the files. In some circumstances, the cybercriminals will request a ransom fee to hand over the key. You may need to pay in cryptocurrency to access the files. In the event of a ransomware scenario, you generally have the option of “fixing” the problem. It consists of paying the ransom (which is not always a fool-proof option). Or recovering your data from a previous backup. In the SOPHOS report (The State of Ransomware 2021), it was found that:

  • 8% of businesses who paid the ransom actually recovered all of their data
  • These businesses recovered no more than 50% of their data after paying
  • After paying the ransom, the average amount of data recovered was 65%

When looking at these statistics, it’s clear that paying the ransom is the fastest way to recover your data. But it is definitely not a quick and easy fix that will work. If you decide to forego this route, your IT partner will likely be able to communicate with the cybercriminals on your behalf. To regain access to as much data as possible. The other option is to recover your data from a backup.

Depending on your backup process, this could be an effective option. You have to decide if you can still manage after losing data. Which is anything between 1 hour and 1-week-old, depending on your backup process. And how often your data is backed up. If your backup process is not very robust, consider your options carefully. Restoring your data should be easy for you or your IT team if your backup is available. No matter how you decide to take action, there are some next steps to consider, including…

3. Next steps you need to take.

It is a legal requirement within the UK to report any data breaches within 72 hours. The criteria are “accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data” thanks to new GDPR laws. You have 3 days from identifying the breach to reporting it. The ICO are the body that oversees GDPR. And they have a website that includes helpful information on what to do if you think you have been hacked. The website also contains a free self-assessment form. It’s an easy way to understand if you need to report your possible breach. The main question you’ll be asked is, “What are you doing as a result of the breach?”. It will prompt a detailed plan from you (or your IT specialist). To outline the ways you will be moving forward with increased data protection.

You will likely need to provide a plan outlining these steps. Which could include an altering of current procedures and heightened cybersecurity software. And maybe some additional staff training. It is vital to ask your IT team or specialist if they can locate evidence of how the attack was initiated. This information will be key when moving forward with increased cybersecurity measures. It makes you aware of a security system flaw, which means you can prevent it from happening again.

When you report a breach, it is only sometimes guaranteed that you’ll get fined. You need to show you have taken cybersecurity seriously before the breach. And that you have a plan to improve it afterwards. Provide as much detailed information on how you plan to ensure this doesn’t happen again. And it will ensure you’ve looked on more favourably in the future. You may face more serious consequences if you fail to report the breach. You may be charged a large fine or a percentage of your global turnover. To discuss preparing your cybersecurity system, talk to us at Synergy-UK on 0114 221 6569.

Sam Ashford
Sam Ashford - Author

Hey, I'm Sam Ashford! I have 20 years of experience in the IT industry. I have worked as a security analyst, trainer, and writer at Synergy-UK for over ten years.

Continue Reading

How to Stop Spam Emails?

How to Stop Spam Emails?

Explore effective strategies to combat email spam in our guide. Learn various techniques to manage, reduce, and prevent unwanted emails.

What is data encryption? And why it’s vital for businesses?

What is data encryption? And why it’s vital for businesses?

What is data encryption? And is it needed for small businesses? We explain everything in depth and why it's crucial for Cybersecurity.

Changing IT Provider

Changing IT Provider

Are you satisfied with your current IT provider, or do you feel like your business could benefit from a change?

Why choose Synergy-UK?

Get started with Synergy

    You must accept the terms of our Privacy Policy to send this form